CVEs affecting projects tracked on Release Alert, from NVD & OSV.
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.